2 matches found
CVE-2010-4322
Cross-site scripting XSS vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog aka What Are You Working On? field...
CVE-2010-4322
CVE-2010-4322: A stored XSS in gwtTeaming.rpc of Novell Vibe OnPrem 3 BETA via the Micro Blog field; lack of input sanitization/output encoding allows remote authenticated users to inject script. Impact includes potential session cookie theft, session hijacking, and related abuse. Fixed in the fi...